Skip to main content
    Back to episode
    Episode 35 · August 26, 2025 · 43m listen · 721 words · ~4 min read

    Integrating Project Management to Strengthen Cybersecurity Outcomes with Steve Curry | Ep. 34 - Full Transcript | The Med Device Cyber Podcast

    Read the complete, searchable transcript of Episode 35 of The Med Device Cyber Podcast - expert conversations on medical device cybersecurity, FDA premarket and postmarket guidance, SBOM management, threat modeling, and penetration testing.

    Prefer the listening experience? Open the episode page for the synopsis, key takeaways, topics, and Apple / YouTube listen links.

    Episode summary

    In this episode of The Med Device Cyber Podcast, host Christian Espinosa welcomes project management expert Steve Curry, founder of Mustard Seed, to discuss the critical role of robust project management in strengthening cybersecurity outcomes for medtech innovators. Curry draws on his extensive experience in the defense industry to highlight how rigorous planning and execution, often overlooked in the sciences, are essential for successful product development and market entry. The conversation emphasizes the importance of integrating cybersecurity, regulatory (FDA premarket, 510k), and risk management considerations early in the medical device product lifecycle, rather than treating them as afterthoughts. They discuss practical project management frameworks, including integrated master schedules and work breakdown structures, and the benefits of a phase-gate process for incorporating cybersecurity throughout the development cycle. The episode also touches on common challenges in medtech project management, the rising scrutiny from investors regarding execution frameworks, and the strategic advantages of leveraging fractional or outsourced project management and cybersecurity expertise to navigate complex regulatory landscapes and accelerate time to market.

    Key takeaways from this episode

    • Effective project management, including comprehensive planning and scheduling, is crucial for successful medical device development and strengthens cybersecurity outcomes.
    • Integrating cybersecurity and regulatory considerations early in the product lifecycle through a structured project management framework reduces costs, minimizes delays, and improves time to market.
    • Utilizing tools like an integrated master schedule and a phase-gate process helps account for all scope and ensures cybersecurity is addressed iteratively throughout design and development.
    • Investors are increasingly scrutinizing project and execution frameworks, including cybersecurity roadmaps, as a critical factor for medtech startup success.
    • Fractional or outsourced project management and cybersecurity expertise can provide specialized support and efficiency, proving more cost-effective and comprehensive than hiring individual full-time roles for early to mid-stage medtech companies.
    • Efficient meeting hygiene, including selective invitations and clear agendas, is vital to prevent time and resource wastage and improve overall team productivity.
    • Companies should carefully select project management software that can scale with their growth, with tools like SmartSheet often recommended for its user-friendliness and comprehensive features.
    • Continuous risk management and effective execution are key differentiators for medtech innovators, helping to derisk projects and accelerate product commercialization.

    Topics covered in this transcript

    Full episode transcript

    Hi, welcome to another episode of The Med Device Cyber Podcast. Today I'm here with a guest, Steve Curry. Steve works with project management, and project management is one of my favorite topics. I am a project manager, a PMP myself, a Project Management Professional, and I think our lives would greatly improve if we implemented some project management principles in our lives, as well as our business and pretty much everything we do. So, I'm excited to talk about project management today and tie it to cybersecurity because I feel like if people applied cybersecurity in a project management framework, we wouldn't have as many challenges as we do with medtech innovators getting roadblocked by cybersecurity because they forgot to put it in their project management plan. Welcome to the show, Steve. How's it going today? Yeah, thanks for having me today, Christian. Appreciate it. Excited to be on the podcast and talking to your audience. So, thanks for the invite. Awesome. And where are you coming from today? Hey, where are you? I'm based out of Westchester, Pennsylvania, a beautiful suburb of Philadelphia. All right, awesome. Yeah, a friend of mine lives in Philadelphia. He says that they grow a lot of mushrooms in Philadelphia. Is that true? I don't know, I don't know anything about that perhaps. All right, cool. And you're with Mustard Seed. Can you tell us a little bit about Mustard Seed and maybe the name and kind of what you do in MedTech and a little bit about the background? Yeah, absolutely. So, I started Mustard Seed four years ago with the idea that project management in the sciences needs to be better. So, I really cut my teeth in the defense industry working on big helicopter programs, programs that were generally firm fixed price, a billion or two billion dollar price tags associated with those programs. And so, when you have large-scale firm fixed price contracts, the project and program management best practices have to be good, or else your company might put lives in danger and/or you may have a loss of a couple hundred million on that program. So, the rigor was something that I took with me the rest of my career. I left that industry and went into the sciences. And in the sciences, I noticed project management best practices are infrequently utilized, and there was a real opportunity to make a difference for those scientists and innovators that are making a huge impact on our world. So, I wanted to help where I could. And so, yeah, the last four years, we've been bringing on project managers, and we have been supporting medtech, biotech, and pharma companies in their developmental efforts, and it's been a lot of fun. So, we've got a team of about 15 project managers today, supporting a little over a dozen clients in a variety of different ways. Awesome. And where does the company name come from? It's a very unique name. Yeah, so if you've ever seen mustard seeds, they're about the size of a grain of sand or even smaller. But they can grow as plants to be 8 or 9 feet tall if properly cared for. And so, for me, that was an analogy of project management in the sciences, where it's often overlooked, but if you know what you're looking at and properly integrated into your team, it can be a differentiator and an important part of what you're trying to do. Awesome. Is that where mustard comes from, the mustard plants actually? I don't even know. Yeah, I believe so. Yep. Okay, cool. I'm more of a mayonnaise guy, but yeah. Awesome. I prefer horseradish. I used to live in Illinois where the horseradish capital of the world was. So, yeah. Cool. And so, you've been, you originally worked with the DoD, it sounds like, with some of the big defense contracting. A lot of my experience was in DoD as well, with project management also. What are some of the biggest challenges in medtech when it comes to project management? You feel like I know you mentioned a lot of people just don't even consider it. Besides that, what are some of the bigger challenges? Yeah, you're right. The first hurdle is just consideration. So, we always say,